WhatsApp Vulnerability Allowed Hackers To Inject Spyware

One of the features of WhatsApp that the company loves to boast about would be its end-to-end encryption. This means that messages sent and received are thoroughly encrypted, thus preventing hackers from intercepting them and reading them. However, it seems that while the app might be protected on that front, there was a vulnerability that was open.

Advertising

According to a report from The Financial Times (paywall), WhatsApp has recently disclosed a vulnerability that affected its app in which malicious code developed by a company called NSO Group could be injected into it, infecting WhatsApp users on both iOS and Android devices. This code is essentially spyware that would allow the attacker to spy on the devices of its victims.

WhatsApp said, “This attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems. We have briefed a number of human rights organizations to share the information we can, and to work with them to notify civil society.”

It is unclear as to how many devices might have been affected as a result of this, but with the company having 1.5 billion users worldwide, even 1% is 1% too many. Thankfully, the company seems to have fixed it and are deploying a patch to users today, so be sure to update your WhatsApp if you’d like to avoid the risk of being infected by this spyware.